(CkPython) Get Certificates within XML Signature

Demonstrates how to get the certificates contained within an XML signature.

Chilkat Python Downloads install with pip pip3 install chilkat or download... Python Module for Windows, MacOS, Linux, Alpine Linux

import sys
import chilkat

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

sbXml = chilkat.CkStringBuilder()

# Load XML containing one or more signatures.
success = sbXml.LoadFile("qa_data/xml_dsig_valid_samples/multipleSigners/sp.pdf.XAdES.xml","utf-8")
if (success == False):
    print("Failed to load the XML file..")
    sys.exit()

dsig = chilkat.CkXmlDSig()

# First load the XML containing the signatures to be verified.
# Note that this particular Signature already contains the RSA public key that will be used
# for verification.
success = dsig.LoadSignatureSb(sbXml)
if (success != True):
    print(dsig.lastErrorText())
    sys.exit()

# For each signature, verify and also get the certificate(s) contained within each Signature.
i = 0
saCerts = chilkat.CkStringArray()
cert = chilkat.CkCert()

print("numSignatures = " + str(dsig.get_NumSignatures()))

while i < dsig.get_NumSignatures() :
    # Select the Nth signature by setting the Selector property.
    dsig.put_Selector(i)

    bVerifyReferenceDigests = True
    bVerified = dsig.VerifySignature(bVerifyReferenceDigests)
    print("Signature " + str(i + 1) + " verified = " + str(bVerified))

    # Get the certificates embedded in this signature.
    saCerts.Clear()
    success = dsig.GetCerts(saCerts)
    if (success == True):
        j = 0
        while j < saCerts.get_Count() :
            success = cert.LoadFromBase64(saCerts.getString(j))
            if (success == True):
                print("    " + cert.subjectDN())

            j = j + 1

    i = i + 1